Dan Lorenc discusses the rise of software supply chain security threats, the value of accurate asset inventory, and how companies are addressing these challenges.
Researchers warn that a stealthy callback phishing attack has been targeting the legal and retail sectors with the end goal of stealing data for extortion.
The Hive ransomware has victimized 1,300 companies globally as of November, in particular targeting healthcare sector organizations, according to U.S. federal agencies in a new advisory.
Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.
New variants of the RAT reveal added functionalities and deployment alongside other malware families.
Rapid7 researchers discovered two code execution flaws in several versions of the F5 BIG-IP appliances.
Hundreds of thousands of email distributing Emotet reveal significant changes to the malware's tactics and payloads.
Dan Lorenc, CEO and founder of Chainguard, joins Dennis Fisher to talk about supply chain security, asset inventory, Sigstore, and the challenges of helping developers write more secure code.
A watchdog report highlighted weaknesses in the Department of Defense's cyber incident reporting procedures, particularly for the critical defense industrial base sector.
Attackers are focusing their attention on critical infrastructure operators, and building resilience into those networks is a key to defending them, experts say.
VMware researchers said the malware has appeared in at least 43 infections that have primarily targeted business services, financial services, manufacturing and education organizations.
A 33-year-old dual Russian and Canadian national was arrested this week for allegedly participating in LockBit ransomware attacks.
GitHub has launched a new feature that enables researchers to privately report vulnerabilities to repository maintainers.
Threat actors leveraged an emerging distributed file storage protocol in attacks deploying a Python-based information stealer called Hannabi Grabber.
Lenovo has patched three vulnerabilities in the BIOS in many of its laptops that could allow an attacker to modify the secure boot process.